Original work by endurer

2009-03-28, version 1

On a forum I saw a post claiming to give away a Rising (瑞星) product serial number for free.

When I clicked to download the attachment, Kaspersky reported:

hxxp://bbs.***.com/images/bbs4/attachment/200903/23/瑞星产品序列号.rar//瑞星产品序列号/4501.exe/CaptchaOCR.dll

Maxthon Web Browser
Threat detected: Trojan-Downloader.Win32.VB.lbv

I downloaded the file to take a look.

File: D:\test\瑞星产品序列号.rar
Attributes: A---
Digital signature: No
PE file: No
Created: 2009-3-28 17:33:33
Modified: 2009-3-28 17:33:35
Size: 125839 bytes (122.911 KB)
MD5: d2cdb0dfd9ca6288ad3c533ba77a7327
SHA1: 61CD4622F58D42AC98EDCD645ECC50A3A393E547
CRC32: d887ef62

It contains 2 files:

1.

File: D:\test\瑞星产品序列号\4501.exe
Attributes: A---
Digital signature: No
PE file: Yes
Failed to get the file version info size!
Created: 2009-3-28 17:34:34
Modified: 2009-3-15 22:14:34
Size: 190366 bytes (185.926 KB)
MD5: d0285eedad884134b8f61176bea7b762
SHA1: 3E67D519D7ADC19B54339B67AD19F56AFC6F9DCA
CRC32: 4f6c53d2

File 4501.exe received on 2009.03.28 10:38:26 (CET)

| Antivirus engine | Version | Last update | Scan result |
|---|---|---|---|
| a-squared | 4.0.0.101 | 2009.03.28 | Trojan-Dropper.Delf!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.03.27 | Win-Trojan/Xema.variant |
| AntiVir | 7.9.0.129 | 2009.03.27 | TR/Dldr.VB.lbv |
| Antiy-AVL | 2.0.3.1 | 2009.03.28 | Trojan/Win32.VB |
| Authentium | 5.1.2.4 | 2009.03.27 | W32/Dropper.EUQ |
| Avast | 4.8.1335.0 | 2009.03.27 | Win32:Trojan-gen {Other} |
| AVG | 8.5.0.285 | 2009.03.27 | Downloader.Generic8.ACLE |
| BitDefender | 7.2 | 2009.03.28 | Trojan.Generic.1556083 |
| CAT-QuickHeal | 10.00 | 2009.03.28 | - |
| ClamAV | 0.94.1 | 2009.03.28 | - |
| Comodo | 1087 | 2009.03.28 | - |
| DrWeb | 4.44.0.09170 | 2009.03.28 | - |
| eSafe | 7.0.17.0 | 2009.03.27 | Suspicious File |
| eTrust-Vet | 31.6.6421 | 2009.03.27 | - |
| F-Prot | 4.4.4.56 | 2009.03.27 | W32/Dropper.EUQ |
| F-Secure | 8.0.14470.0 | 2009.03.28 | Trojan-Downloader.Win32.VB.lbv |
| Fortinet | 3.117.0.0 | 2009.03.28 | W32/VB.LBV!tr.dldr |
| GData | 19 | 2009.03.28 | Trojan.Generic.1556083 |
| Ikarus | T3.1.1.48.0 | 2009.03.28 | Trojan-Dropper.Delf |
| K7AntiVirus | 7.10.683 | 2009.03.27 | Trojan-Downloader.Win32.VB.lbv |
| Kaspersky | 7.0.0.125 | 2009.03.28 | Trojan-Downloader.Win32.VB.lbv |
| McAfee | 5566 | 2009.03.27 | New Malware.bj |
| McAfee+Artemis | 5566 | 2009.03.27 | New Malware.bj |
| McAfee-GW-Edition | 6.7.6 | 2009.03.28 | Trojan.Dldr.VB.lbv |
| Microsoft | 1.4502 | 2009.03.27 | - |
| NOD32 | 3971 | 2009.03.28 | - |
| Norman | 6.00.06 | 2009.03.27 | - |
| nProtect | 2009.1.8.0 | 2009.03.28 | - |
| Panda | 10.0.0.10 | 2009.03.27 | Generic Trojan |
| PCTools | 4.4.2.0 | 2009.03.27 | - |
| Prevx1 | V2 | 2009.03.28 | - |
| Rising | 21.22.52.00 | 2009.03.28 | - |
| Sophos | 4.40.0 | 2009.03.28 | Sus/Behav-192 |
| Sunbelt | 3.2.1858.2 | 2009.03.28 | Trojan.1 |
| Symantec | 1.4.4.12 | 2009.03.28 | Downloader |
| TheHacker | 6.3.3.8.294 | 2009.03.28 | - |
| TrendMicro | 8.700.0.1004 | 2009.03.28 | TROJ_DLOADER.OZ |
| VBA32 | 3.12.10.1 | 2009.03.27 | - |
| ViRobot | 2009.3.27.1666 | 2009.03.27 | - |

Additional information

File size: 190366 bytes
MD5...: d0285eedad884134b8f61176bea7b762
SHA1..: 3e67d519d7adc19b54339b67ad19f56afc6f9dca
SHA256: d06a189440647ca37db30546677c9c9ffa315c0dfdd31a444fd294db6bb2eac7
SHA512: 47c27929394821fa00f45e04f51a0e52b99b9422e57b87167cf3016969a6ade9567d61604ee0dd5df1bddd3aa5528b165fe1cb798337c89deec9e6089d607177
ssdeep: 3072:TzNWMKKRZYchObK91C8sV6Xmoo4LEpYs+38phJk1e7jP7nu/+XdgzQbI6mD/SF:TZuuObR8sVImcyYtghJX7jP7XZ22F
PEiD..: -

TrID..: File type identification
WinRAR Self Extracting archive (96.2%)
Win32 Executable Generic (1.5%)
Win32 Dynamic Link Library (generic) (1.4%)
Generic Win/DOS Executable (0.3%)
DOS Executable Generic (0.3%)

PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x46f268e6 (Thu Sep 20 12:34:46 2007)
machinetype.......: 0x14c (I386)

( 4 sections )

| name | viradd | virsiz | rawdsiz | ntrpy | md5 |
|---|---|---|---|---|---|
| .text | 0x1000 | 0x14000 | 0x13800 | 6.47 | 8c499086717691066d921075ed5bdb09 |
| .data | 0x15000 | 0x7000 | 0xa00 | 4.91 | 0cb811e47f78b5404a658fb36b591857 |
| .idata | 0x1c000 | 0x1000 | 0x1000 | 5.12 | 8bf175092a70a21f11fd06cc4087c7d0 |
| .rsrc | 0x1d000 | 0x79c0 | 0x7a00 | 4.35 | 9fd7abf531c84e1e793882ab2a21bcf3 |

( 8 imports )

( 0 exports )

RDS...: NSRL Reference Data Set -
packers (Kaspersky): PE_Patch.UPX, UPX, WScript, PE_Patch
packers (F-Prot): RAR, UPX, RLPack
packers (Authentium): RAR, UPX, RAR, RLPack

2.

File: D:\test\瑞星产品序列号\瑞星产品序列号.txt
Attributes: A---
Digital signature: No
PE file: No
Created: 2009-3-28 17:34:34
Modified: 2009-3-17 1:36:10
Size: 29 bytes
MD5: de3a546c5b52cd68bc71222e225fb04e
SHA1: 6E08409B2889018BA78BD47CB2120EA80BD3E4A2
CRC32: ec9f7cc8

The file really does contain a serial number: D92PVF-JAA67J-CRUWRJ-FK23**

But without an ID, it can't be used anyway, can it?

In fact, Rising Antivirus has an edition that is, in theory, permanently free:

Rising (Google Pack edition)

Download: http://pack.google.com/intl/zh-cn/pack_installer.html?hl=zh-cn

No ID or serial number is needed during installation; it is free and can be updated.